Port question

Discussion in 'Cisco' started by Rob, Sep 7, 2004.

  1. Rob

    Rob Guest

    Usually if I want to see if I have access to a specific port like 25 on a
    server, and if that port is open on the firewall, I'll try this command:
    telnet 140.25.28.99 25 then I see a message which verifys that, but my
    question is, can I use the same command for any port, like 389 or 709 or
    443? If so, what should I see if the port is available and if it is not?

    Thanks in advance-Rob
    Rob, Sep 7, 2004
    #1
    1. Advertising

  2. Rob

    Scooby Guest

    "Rob" <> wrote in message news:413de11b$...
    > Usually if I want to see if I have access to a specific port like 25 on a
    > server, and if that port is open on the firewall, I'll try this command:
    > telnet 140.25.28.99 25 then I see a message which verifys that, but my
    > question is, can I use the same command for any port, like 389 or 709 or
    > 443? If so, what should I see if the port is available and if it is not?
    >
    > Thanks in advance-Rob
    >
    >


    It really depends upon the application on the other end. In reality, all ip
    (tcp for this example) ports run exactly the same. They accept a connection
    and then pass appropriate traffic back and forth. The port number makes it
    easy to know what application to run when the connection happens. So, when
    you connect, the receiving application will do what it does. In the case of
    telnet, it usually gives a login prompt or page. In the case of many other
    applications (such as http), it just accepts the connection and then waits
    for you to send something that makes sense. The best way to tell is if you
    get a connection at all - that sez the port is active. You don't care if
    any data comes across.

    Udp operates differently than tcp, but same idea - all ports are the same
    until the underlying app does what it will.

    That said, if the host is using tcp wrappers, you could be fooled. The port
    may be active, just not active to you. In that case, the connection would
    happen, but then you'd be immediately dropped.

    Hope that helps,

    Jim
    Scooby, Sep 7, 2004
    #2
    1. Advertising

  3. In article <413de11b$>, Rob <> wrote:
    :Usually if I want to see if I have access to a specific port like 25 on a
    :server, and if that port is open on the firewall, I'll try this command:
    :telnet 140.25.28.99 25 then I see a message which verifys that, but my
    :question is, can I use the same command for any port, like 389 or 709 or
    :443? If so, what should I see if the port is available and if it is not?

    You can -try- to telnet to any TCP port. The reaction will depend
    whether there are filters/firewalls along the way, on whether the
    port is open, and upon the exact software that is handling the port.

    Except for the few well-known ports that use text-based protocols
    with built in "I'm here" banner messages, *most* of the time if the port
    is open and you tell net to it, what you will see is that your
    system says that the connection is open, and you see nothing
    coming from the remote end. The fact that your system said that
    the port was connection was open (rather than that the connection
    was refused, no route to host, connection timed out) gives you the
    information that the port is reachable.


    You can't -always- imitate a connection using telnet, even if you
    have soem way of pasting / typing arbitrary binary bytes into the
    telnet data stream. (If the protocol is binary, that just makes it
    harder, not impossible.) But it doesn't always work: when you
    use telnet, telnet attempts [behind your back] to negotiate settings
    with the remote system, such informing the other system what your
    terminal type and preferred delete character are. That negotiation
    phase can [usually will] confuse binary protocols. In many telnet
    clients, there is a way to turn off that negotiation phase, but that
    mechanism is not -usually- available if you use the command line form

    telnet IP PORT

    Usually, you would instead have to do something like entering
    into the telnet program, setting the option to disable negotiation
    [which might take a few steps], and then using the telnet 'open'
    command to connect to the desired IP and port. The details depend
    upon the telnet client one is using -- read the manual pages
    closely if you are concerned about the possibility. [But if you
    -are- concerned about this possibility, it's probably better to
    write a small program to make the connection for you and send the
    data stream you want, instead if you trying the insert the binary
    into the telnet data stream.]
    --
    Oh, yeah, an African swallow maybe, but not a European swallow.
    That's my point.
    Walter Roberson, Sep 7, 2004
    #3
  4. Rob

    AnyBody43 Guest

    -cnrc.gc.ca (Walter Roberson) wrote
    > Rob <> wrote:
    > :Usually if I want to see if I have access to a specific port like 25 on a
    > :server, and if that port is open on the firewall, I'll try this command:
    > :telnet 140.25.28.99 25 then I see a message which verifys that, but my
    > :question is, can I use the same command for any port, like 389 or 709 or
    > :443? If so, what should I see if the port is available and if it is not?
    >
    > You can -try- to telnet to any TCP port. The reaction will depend
    > whether there are filters/firewalls along the way, on whether the
    > port is open, and upon the exact software that is handling the port.


    > command to connect to the desired IP and port. The details depend
    > upon the telnet client one is using -- read the manual pages
    > closely if you are concerned about the possibility. [But if you
    > -are- concerned about this possibility, it's probably better to
    > write a small program to make the connection for you and send the
    > data stream you want, instead if you trying the insert the binary
    > into the telnet data stream.]



    You could use tcpdump (windump) to view the packets in one window
    and telnet in another.

    Run windump filtering on TCP or UDP port 445

    C:\>windump port 445
    windump: listening on \Device\NPF_{42D40A14-07D8-4544-8CA4-6D7882C0DF03}
    12:27:49.567774 IP xxx-01.xxx.local.4061 >
    server1.xxx.local.445: #S# 2409317214:2409317214(0)
    win 25200 <mss 1260,nop,nop,sackOK> (DF)

    12:27:49.568201 IP server1.xxx.local.445 >
    xxx-01.xxx.local.4061: #S# 2410527056:2410527056(0) #ack#
    2409317215 win 17640 <mss 1460,nop,nop,sackOK> (DF)

    12:27:49.568228 IP xxx-01.xxx.local.4061 >
    server1.xxx.local.445: . #ack# 1 win 25200 (DF)

    Interesting bits shown bracketed by #.


    In another window

    >telnet server1 445



    In this case we get the TCP 3 way handshake
    SYN Client to server
    SYN ack Server to client
    ack Client to server

    This is #positive# proof that TCP communications is working.


    Example when it the dest port is not available
    C:\>windump port 5900
    windump: listening on \Device\NPF_{42D40A14-07D8-4544-8CA4-6D7882C0DF03}

    12:26:29.090258 IP xxx-01.xxx.local.4048 >
    server1.xxx.local.5900: #S# 2390355457:2390355457(0)
    win 25200 <mss 1260,nop,nop,sackOK> (DF)
    12:26:29.090596 IP server1.xxx.local.5900 >
    xxx-01.xxx.local.4048: #R# 0:0(0) ack 2390355458 win 0


    Repeated twice more.

    This time we get:-

    SYN Client to server
    RST Server to Client (sometimes firewalls or whatever
    may block this)


    To use Windump you need to install winpcap first.
    Just run windump.exe for windump, no install:)).

    http://windump.polito.it/install/default.htm
    http://winpcap.polito.it/install/bin/WinPcap_3_0.exe

    Examples:-
    windump host 1.1.1.1 and port 25
    windump host 2.2.2.2
    windump port 25
    AnyBody43, Sep 8, 2004
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Weiguang Shi
    Replies:
    1
    Views:
    4,421
  2. Jon Whitear
    Replies:
    2
    Views:
    2,262
    Jon Whitear
    Nov 4, 2003
  3. Dmitry
    Replies:
    0
    Views:
    3,567
    Dmitry
    Apr 1, 2004
  4. Link
    Replies:
    1
    Views:
    436
    Walter Roberson
    May 9, 2004
  5. John Ramsden
    Replies:
    0
    Views:
    833
    John Ramsden
    Jul 24, 2004
Loading...

Share This Page